package org.xx.bookstore.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.xx.armory.commons.ForLogging;
import org.xx.armory.spring5.security.AdminAuthenticationProvider;
import org.xx.armory.spring5.security.AuthenticationController;
import org.xx.armory.spring5.security.AuthorityEntry;
import org.xx.armory.spring5.security.JdbcAuthenticationDao;
import org.xx.armory.spring5.security.JdbcAuthenticationProvider;
import org.xx.armory.spring5.security.SimplePasswordEncoder;
import org.xx.armory.spring5.security.UserController;

import java.util.Collection;
import java.util.Set;

import static java.util.Collections.emptySet;

@Configuration
public class SecurityConfig {
    @ForLogging
    private final Logger logger = LoggerFactory.getLogger(SecurityConfig.class);

    @Bean(name = "securityExcludedResources")
    public Collection<String> excludeResources() {
        return emptySet();
    }

    @Bean(name = "securityAuthorityEntries")
    public Set<AuthorityEntry> authorities() {
        return Set.of(
                new AuthorityEntry(HttpMethod.POST, "/demo/error", "*"),
                new AuthorityEntry(HttpMethod.POST, "/demo/not-exists", "*"),
                new AuthorityEntry(HttpMethod.POST, "/demo/error3", "NOT_EXISTS")
        );
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new SimplePasswordEncoder();
    }

    @Bean
    @Order(1)
    public AuthenticationProvider adminAuthenticationProvider() {
        return new AdminAuthenticationProvider();
    }

    @Bean
    @Order(2)
    public AuthenticationProvider authenticationProvider() {
        return new JdbcAuthenticationProvider();
    }

    @Bean
    public JdbcAuthenticationDao jdbcAuthenticationDao() {
        return new JdbcAuthenticationDao();
    }

    @Bean
    public AuthenticationController authenticationController() {
        return new AuthenticationController();
    }

    @Bean
    public UserController userController() {
        return new UserController();
    }
}
